Re: [Dailydave] .Net 0day?

From: Matt (mattuse.net)
Date: Fri Jul 06 2007 - 12:59:30 CDT


On Fri, 6 Jul 2007, Dave Aitel wrote:

> http://bp3.blogger.com/_aU4sjfnl3RY/Ro4EjK53JyI/AAAAAAAAAEM/DSWoKCXxXFI/s1600-h/P7060093.JPG
>
> Does anyone want to speculate as to the 0day? I assume putting %00%00
> inside strings isn't it? :> Ooh, what about %u0000? :>
>
> Does mono have the same bug? Are they bug for bug compliant?

As for finding bugs in mono, here's a big clue: Do your fuzzing of ASP.NET
apps while running mono itself under valgrind. There's a valgrind
suppressions file in mono/data/mono.supp to filter out the false positives
generated by libgc.

Luis and I will be talking about combining fuzzing and valgrind in our
BlackHat class
(http://blackhat.com/html/bh-usa-07/train-bh-us-07-mh.html).

Mono maps some performance-critical .NET functionality to native C code,
generally for doing crypto and protocol decoding.

Have fun! :)

PS: For bonus points see if a PC-Lint run will find some of
the bugs ;>

--
tangled strands of DNA explain the way that I behave.
http://www.clock.org/~matt
_______________________________________________
Dailydave mailing list
Dailydavelists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
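As an added illustration of the valgrind-plus-suppressions workflow described in the post above (example code, not from the original message and not Mono's own tooling): a small POSIX shell harness that runs a command under memcheck with the mono suppressions file, makes valgrind's exit status reflect unsuppressed errors, and reads the error count back out of the log so a test loop can keep the inputs that triggered memory errors. The suppressions path `mono/data/mono.supp` is the one the post names, taken relative to a mono source checkout; the exit code, the app name and the sample log (pid, address, function name) are constructed assumptions.

```shell
#!/bin/sh
# Added example, not code from the original post or from Mono: a minimal harness for
# the "run mono under valgrind with mono.supp" tip. Paths, the app name and the
# sample log below are constructed assumptions.

# Suppressions file named in the post, relative to a mono source checkout (assumed path).
MONO_SUPP="${MONO_SUPP:-mono/data/mono.supp}"
# Exit status valgrind returns when memcheck found unsuppressed errors (our choice).
VG_ERR_STATUS=99

# Print the valgrind command line for one run (kept separate so it can be checked
# without valgrind installed).  $1 = log file, rest = program and arguments.
valgrind_cmdline() {
    log="$1"; shift
    echo "valgrind --tool=memcheck --suppressions=$MONO_SUPP" \
         "--error-exitcode=$VG_ERR_STATUS --log-file=$log $*"
}

# Run the program under memcheck.  Returns $VG_ERR_STATUS when unsuppressed
# errors were found, otherwise the program's own exit status.
run_under_valgrind() {
    log="$1"; shift
    valgrind --tool=memcheck --suppressions="$MONO_SUPP" \
        --error-exitcode="$VG_ERR_STATUS" --log-file="$log" "$@"
}

# Pull the error count out of memcheck's "ERROR SUMMARY" line; prints 0 when the
# line is missing (e.g. valgrind never started).
error_count() {
    n=$(sed -n 's/^==[0-9]*== ERROR SUMMARY: \([0-9]*\) errors.*/\1/p' "$1" | tail -n 1)
    echo "${n:-0}"
}

# Succeeds (exit 0) when the log shows at least one unsuppressed error, so a test
# loop can keep the input that triggered it for later analysis.
has_unsuppressed_errors() {
    [ "$(error_count "$1")" -gt 0 ]
}

# Constructed sample memcheck log standing in for a real run; the pid, address and
# function name are made up.
SAMPLE_LOG=$(mktemp)
cat >"$SAMPLE_LOG" <<'EOF'
==4242== Memcheck, a memory error detector
==4242== Command: mono app.exe
==4242== Invalid read of size 1
==4242==    at 0x4A0B2C1: hypothetical_native_decoder (decoder.c:88)
==4242== ERROR SUMMARY: 2 errors from 1 contexts (suppressed: 40 from 12)
EOF

# Typical use inside a test loop (not executed here because it needs valgrind and mono):
#   run_under_valgrind run.log mono app.exe < "$case" || true
#   has_unsuppressed_errors run.log && cp "$case" "findings/$(basename "$case")"
echo "sample log reports $(error_count "$SAMPLE_LOG") unsuppressed error(s)"
```

The suppressions file matters because libgc's conservative scanning makes memcheck report reads of uninitialised or unaddressable memory that are not real bugs; without it the real findings drown in that noise. `--error-exitcode` is what lets a loop notice a memory error even when the process exits cleanly, and the summary line's "suppressed" count is worth watching: if it climbs sharply for one input, the suppressions may be hiding a new code path rather than the usual collector noise.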